Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Terraform for azure: the good, the bad and the ugly -

147 views

Published on

GetLatestVersion OnAir 2019-02-12
Terraform For Azure: the Good, the Bad and the Ugly
Video: https://www.youtube.com/watch?v=ynHJepOUKQE

Published in: Software
  • DOWNLOAD FULL. BOOKS INTO AVAILABLE FORMAT ......................................................................................................................... ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. PDF EBOOK here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. EPUB Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... 1.DOWNLOAD FULL. doc Ebook here { https://tinyurl.com/y8nn3gmc } ......................................................................................................................... ......................................................................................................................... ......................................................................................................................... .............. Browse by Genre Available eBooks ......................................................................................................................... Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult,
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Terraform for azure: the good, the bad and the ugly -

  1. 1. Terraform for Azure: the good, the bad and the ugly Giulio Vian – DevOps Lead – Glass, Lewis & Co.
  2. 2. Why Terraform?
  3. 3. Agenda Slides on SlideShare
  4. 4. The Good,
  5. 5. What is Terraform? Provisioning •Terraform •Azure ARM Template •Azure CLI •Azure Powershell Configuration •Powershell DSC •Chef •Ansible •Packer Deployment •Azure DevOps
  6. 6. What is Terraform? Provisioning •Terraform •Azure ARM Template •Azure CLI •Azure Powershell Configuration •Powershell DSC •Chef •Ansible •Packer Deployment •Azure DevOps
  7. 7. No, what is Terraform? Single executable (kinda) https://www.terraform.io/
  8. 8. Terraform DSL resource "azurerm_virtual_machine" "vm_demo" { name = "demovm" location = “northeurope" resource_group_name = "tf-demo" network_interface_ids = ["${azurerm_network_interface.vm_demo.id}"] vm_size = "Standard_B2s" storage_image_reference { publisher = "MicrosoftWindowsServer" offer = "WindowsServerSemiAnnual" sku = "Datacenter-Core-1803-smalldisk" version = "latest" } storage_os_disk { name = "demovm-osdisk" caching = "ReadWrite" create_option = "FromImage" } storage_data_disk { name = "demovm-datadisk" create_option = "Empty" lun = 0 disk_size_gb = "10" } os_profile { computer_name = "DEMOVM" admin_username = "${var.vm_admin_username}" admin_password = "${var.vm_admin_password}" } os_profile_windows_config { provision_vm_agent = true enable_automatic_upgrades = false } }
  9. 9. How it works Command line tool terraform init terraform plan -out temp.dat terraform apply temp.dat Providers Executables azurerm, azuread, azurestack State (metadata)
  10. 10. Terraform basics
  11. 11. Infrastructure-as-Code mindset No manual changes Replace hand built resources with automation Source control
  12. 12. Terraform 0.12 Great promises in a not-so-near future
  13. 13. Tip: Passing credentials resource "azurerm_virtual_machine_extension" "my_vm_dscext" { #... protected_settings = <<PROTECTED_SETTINGS { "configurationArguments": { "someCredential": { "userName": "theUser", "password": "${var.the_user_pass}" } } } PROTECTED_SETTINGS }
  14. 14. Tip: assigning IPs Static addresses cidrsubnet cidrhost
  15. 15. Tip: pulling KeyVault Pre-load KeyVault with secrets data "azurerm_key_vault_secret" "test" { name = "mypassword" vault_uri = "https://yourvault.vault.azure.net/" }
  16. 16. Integration azurerm_virtual_machine_extension Powershell DSC Custom script → bash / Ansible Providers Chef, Docker, Kubernetes Provisioners ssh / WinRM
  17. 17. the Bad,
  18. 18. Language Limits (HCL <0.12) Loops are hard Nested loop almost impossible Ifs are hard or impossible
  19. 19. Catching up Application Gateway story
  20. 20. Simple errors Error: Error applying plan: azurerm_lb_probe.lb_probe_http: Error Creating/Updating LoadBalancer network.LoadBalancersClient#CreateOrUpdate : Failure sending request: StatusCode=0 -- Original Error: Put https://management.azure.com/subscriptions /12345678-9abc-def0-1234- 56789abcdef0/resourceGroups/qa/providers/M icrosoft.Network/loadBalancers/qa- loadbalancer?api-version=2017-09-01: http: ContentLength=1655 with Body length 0
  21. 21. and the Ugly
  22. 22. State management Myth: State is map of reality Setup in shared, locked place Azure Storage or AWS S3 Some changes not sensed Learn to use terraform state
  23. 23. Stay organized / repo root modules terraform modules utility general purpose shared common to multiple applications or environments application_name internal or public application non-production can be rebuilt any moment shared common to multiple environments e.g. deploy agents, jumpbox qa Integration test uat User acceptance test perf Load testing production everything here is critical ... details on next slide
  24. 24. Stay organized (cont’d) / repo root production everything here is critical legacy hand made infrastructure e.g. TFS shared common to main and DR e.g. networking live PRODUCTION ENVIRONMENTS network “everlasting” resources data-tier long-lived resources app-tier short-lived resources app_name resources for an app dr Disaster recovery site ... As above
  25. 25. Folders and state Each leaf has a state file Source can refer to existing state files production shared production/shared/terraform.tfstate live network production/live/network/terraform.tfstate app-tier production/live/app-tier/terraform.tfstate
  26. 26. Three steps to import Define as regular resources Add safety clause lifecycle { prevent_destroy = true } Include in state terraform import
  27. 27. Tip: Terraform tips HCL parser idiosyncrasies Regex might be troublesome is not unusual
  28. 28. Wrap-up 29
  29. 29. Successo?
  30. 30. Study the book Terraform - Up and Running: Writing Infrastructure as Code — Y.Brikman (O′Reilly)
  31. 31. Bio in pictures 32 giulio.dev@casavian.eu @giulio_vian https://www.slideshare.net/giuliov https://tfsaggregator.github.io http://blog.casavian.eu/ Hardware spec: 1KB RAM (upg. 16KB) 4KB ROM First computer Companies Communities
  32. 32. End of trasmissions 33
  33. 33. Backup slides

×